@Sebastian,

 

Thank you for the detailed presentation of your arguments against the use of residential relays. While many (probably most) of the points you made are convincing and, coming from a DirAuth operator, difficult for me to contest, I would like to refer to those of them that seem to be less firm to me (I am not referring to the "political support" argument here, my points are purely technical):

 

1. If DirAuths are no longer the bottleneck , and the bottleneck shifted to the distribution of information about new relays, maybe it is the next problem that should be looked at and resolved by the Tor developers.

 

2. "Residential lines in particular ... hardware caves when too many connections are open in parallel" - this appears to be plain incorrect. A Pi based relay was recently reported here by @balbea that has 20%/60% CPU/memory utilization, respectively, 21 mbps (measured) peak/900 kbps (measured) average utilization by Tor, with 1300 simultaneous connections. The speed @balbea could squeeze out of his residential ISP is pretty amazing and, despite my call on this forum for further examples, unbeated and, to the best of my knowledge, all but unprecedented. And that's at 60% utilization of the bottleneck resource - the memory and the obvious under-utilization by Tor.  If anybody's residential relay "caves" he should get a $35 Raspberry Pi and - yay - no more caving hardware.

 

3. "the connection (which most often is asymmetric, with less upload capacity than down) were any near saturated using the internet would become a horribly slow and unpleasant experience" - I see no problem whatsoever to engineer  the use of bandwidth to 50% or 40% of the peak down  BW available to the relay, so that this problem will never happen. After all, every Tor instance does a bandwidth self-test and knows what's its peak down capacity. So this appears to be a non-issue (or maybe an issue that was "neglected by design").

 

So again, many of your arguments are convincing but there appears to be room for re-engineering the parts of Tor that deal with small relays, to get a greater benefit from them.

 

Moreover, there seems to be a disconnect between what I read, including on official Tor site, and the true state of affairs with small relays as presented by you. You are obviously a knowledgeable guy, and a member of the team that actually runs Tor and makes decisions. This makes me take your statement that running a small bridge is actually harmful, very seriously.

 

Therefore, based what you say, my logical conclusion is as follows: the best thing for Tor would be as many people as possible running exits; but since this is beyond the risk most people are willing to take, the next best thing is running a BIG and stable guard or a BIG and stable bridge. The lowest priority is a bandwidth-wise small (even if stable) residential relay or a small bridge, to the extent that these (the small ones) are not really needed and are actually likely to do damage by  overloading the Tor descriptor distribution mechanism or screwing up the way people use bridges, respectively.

 

Which makes me wonder - why aren't there clear guidelines on Tor site about this? I have read there (I do not remember on which page) the following recommendation (or rather, a call for action with an exclamation mark): "If you cannot be an exit, be a relay. If you cannot be a relay, be a bridge!" This is obviously addressed to people who do not have intimate knowledge of Tor and may be just about to make a decision to run a node. Nobody tells them that they should not run a bridge or a relay if they are on residential premises, let alone that this could actually do more damage than good.

 

Rana